WSE2013: X509TokenProvider is unable to provide an X.509 token

  • Thread starter Thread starter tdh
  • Start date Start date
T

tdh

In windows server 2003, it works fine but windows server 2008. certificate
has imported "personal" and "other people" in "local machine" certificate
location by mmc-->certificates. run Certificates Tool installed by WSE 3.0, i
cannot find store name "personal" under "local machine" certificate location,
so i cannot config access right for it. what can i do? thanks.

server wse3policycache.config:

<serviceToken>
<x509 storeLocation="LocalMachine" storeName="My"
findValue="CN=******" findType="FindBySubjectDistinguishedName" />
</serviceToken>

client by certificate wse3policycache.config:

<serviceToken>
<x509 storeLocation="LocalMachine" storeName="AddressBook"
findValue="CN=******" findType="FindBySubjectDistinguishedName" />
</serviceToken>
client by code:
// Set the X509 Certifcate onto the assertion.
assertion.X509TokenProvider = new
X509TokenProvider(StoreLocation.LocalMachine,

StoreName.AddressBook,
"CN=******",

X509FindType.FindBySubjectDistinguishedName)


following is throw errors:


WSE2013: X509TokenProvider is unable to provide an X.509 token. There are no
certificates in the certificate store that match the find value of
'CN=******'.
Description: An unhandled exception occurred during the execution of the
current web request. Please review the stack trace for more information about
the error and where it originated in the code.

Exception Details: System.ArgumentException: WSE2013: X509TokenProvider is
unable to provide an X.509 token. There are no certificates in the
certificate store that match the find value of 'CN=*****'.

Source Error:

An unhandled exception was generated during the execution of the current web
request. Information regarding the origin and location of the exception can
be identified using the exception stack trace below.

Stack Trace:


[ArgumentException: WSE2013: X509TokenProvider is unable to provide an X.509
token. There are no certificates in the certificate store that match the find
value of 'CN=****'. ]

Microsoft.Web.Services3.Design.X509TokenProvider.CreateToken(StoreLocation
location, StoreName storeName, String findValue, X509FindType findType) +429

Microsoft.Web.Services3.Design.ClientOutputFilter..ctor(UsernameForCertificateAssertion assertion) +41

Microsoft.Web.Services3.Design.UsernameForCertificateAssertion.CreateClientOutputFilter(FilterCreationContext context) +51

Microsoft.Web.Services3.Design.Policy.CreateClientPipeline(PipelineCreationContext context) +196
Microsoft.Web.Services3.WebServicesClientProtocol.SetPolicy(Policy
policy) +77
WSEClient.RunProxy() +457
_Default.Page_Load(Object sender, EventArgs e) +50
System.Web.Util.CalliHelper.EventArgFunctionCaller(IntPtr fp, Object o,
Object t, EventArgs e) +25
System.Web.Util.CalliEventHandlerDelegateProxy.Callback(Object sender,
EventArgs e) +48
System.Web.UI.Control.OnLoad(EventArgs e) +133
System.Web.UI.Control.LoadRecursive() +66
System.Web.UI.Page.ProcessRequestMain(Boolean
includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +2604
 
How Do I: Export and Import Certificates? :
http://msdn2.microsoft.com/security/cc424865.aspx

--
Was this helpful? Then click the Ratings button. Voting helps the web
interface.
http://www.microsoft.com/wn3/locales/help/help_en-us.htm#RateAPostAsAnswer
Mark L. Ferguson
..

"tdh" wrote in message
news:D893C2F8-AD8D-4E5E-8977-F8B440AAC85A@microsoft.com...
> In windows server 2003, it works fine but windows server 2008. certificate
> has imported "personal" and "other people" in "local machine" certificate
> location by mmc-->certificates. run Certificates Tool installed by WSE
> 3.0, i
> cannot find store name "personal" under "local machine" certificate
> location,
> so i cannot config access right for it. what can i do? thanks.
>
> server wse3policycache.config:
>
> <serviceToken>
> <x509 storeLocation="LocalMachine" storeName="My"
> findValue="CN=******" findType="FindBySubjectDistinguishedName" />
> </serviceToken>
>
> client by certificate wse3policycache.config:
>
> <serviceToken>
> <x509 storeLocation="LocalMachine" storeName="AddressBook"
> findValue="CN=******" findType="FindBySubjectDistinguishedName" />
> </serviceToken>
> client by code:
> // Set the X509 Certifcate onto the assertion.
> assertion.X509TokenProvider = new
> X509TokenProvider(StoreLocation.LocalMachine,
>
> StoreName.AddressBook,
> "CN=******",
>
> X509FindType.FindBySubjectDistinguishedName)
>
>
> following is throw errors:
>
>
> WSE2013: X509TokenProvider is unable to provide an X.509 token. There are
> no
> certificates in the certificate store that match the find value of
> 'CN=******'.
> Description: An unhandled exception occurred during the execution of the
> current web request. Please review the stack trace for more information
> about
> the error and where it originated in the code.
>
> Exception Details: System.ArgumentException: WSE2013: X509TokenProvider is
> unable to provide an X.509 token. There are no certificates in the
> certificate store that match the find value of 'CN=*****'.
>
> Source Error:
>
> An unhandled exception was generated during the execution of the current
> web
> request. Information regarding the origin and location of the exception
> can
> be identified using the exception stack trace below.
>
> Stack Trace:
>
>
> [ArgumentException: WSE2013: X509TokenProvider is unable to provide an
> X.509
> token. There are no certificates in the certificate store that match the
> find
> value of 'CN=****'. ]
>
> Microsoft.Web.Services3.Design.X509TokenProvider.CreateToken(StoreLocation
> location, StoreName storeName, String findValue, X509FindType findType)
> +429
>
> Microsoft.Web.Services3.Design.ClientOutputFilter..ctor(UsernameForCertificateAssertion
> assertion) +41
>
> Microsoft.Web.Services3.Design.UsernameForCertificateAssertion.CreateClientOutputFilter(FilterCreationContext
> context) +51
>
> Microsoft.Web.Services3.Design.Policy.CreateClientPipeline(PipelineCreationContext
> context) +196
> Microsoft.Web.Services3.WebServicesClientProtocol.SetPolicy(Policy
> policy) +77
> WSEClient.RunProxy() +457
> _Default.Page_Load(Object sender, EventArgs e) +50
> System.Web.Util.CalliHelper.EventArgFunctionCaller(IntPtr fp, Object o,
> Object t, EventArgs e) +25
> System.Web.Util.CalliEventHandlerDelegateProxy.Callback(Object sender,
> EventArgs e) +48
> System.Web.UI.Control.OnLoad(EventArgs e) +133
> System.Web.UI.Control.LoadRecursive() +66
> System.Web.UI.Page.ProcessRequestMain(Boolean
> includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +2604
>
>
>
>
 
Last edited by a moderator:
i have imported my certificate into Local Machine certificate location.

"Mark L. Ferguson" wrote:

> How Do I: Export and Import Certificates? :
> http://msdn2.microsoft.com/security/cc424865.aspx
>
> --
> Was this helpful? Then click the Ratings button. Voting helps the web
> interface.
> http://www.microsoft.com/wn3/locales/help/help_en-us.htm#RateAPostAsAnswer
> Mark L. Ferguson
> .
>
> "tdh" wrote in message
> news:D893C2F8-AD8D-4E5E-8977-F8B440AAC85A@microsoft.com...
> > In windows server 2003, it works fine but windows server 2008. certificate
> > has imported "personal" and "other people" in "local machine" certificate
> > location by mmc-->certificates. run Certificates Tool installed by WSE
> > 3.0, i
> > cannot find store name "personal" under "local machine" certificate
> > location,
> > so i cannot config access right for it. what can i do? thanks.
> >
> > server wse3policycache.config:
> >
> > <serviceToken>
> > <x509 storeLocation="LocalMachine" storeName="My"
> > findValue="CN=******" findType="FindBySubjectDistinguishedName" />
> > </serviceToken>
> >
> > client by certificate wse3policycache.config:
> >
> > <serviceToken>
> > <x509 storeLocation="LocalMachine" storeName="AddressBook"
> > findValue="CN=******" findType="FindBySubjectDistinguishedName" />
> > </serviceToken>
> > client by code:
> > // Set the X509 Certifcate onto the assertion.
> > assertion.X509TokenProvider = new
> > X509TokenProvider(StoreLocation.LocalMachine,
> >
> > StoreName.AddressBook,
> > "CN=******",
> >
> > X509FindType.FindBySubjectDistinguishedName)
> >
> >
> > following is throw errors:
> >
> >
> > WSE2013: X509TokenProvider is unable to provide an X.509 token. There are
> > no
> > certificates in the certificate store that match the find value of
> > 'CN=******'.
> > Description: An unhandled exception occurred during the execution of the
> > current web request. Please review the stack trace for more information
> > about
> > the error and where it originated in the code.
> >
> > Exception Details: System.ArgumentException: WSE2013: X509TokenProvider is
> > unable to provide an X.509 token. There are no certificates in the
> > certificate store that match the find value of 'CN=*****'.
> >
> > Source Error:
> >
> > An unhandled exception was generated during the execution of the current
> > web
> > request. Information regarding the origin and location of the exception
> > can
> > be identified using the exception stack trace below.
> >
> > Stack Trace:
> >
> >
> > [ArgumentException: WSE2013: X509TokenProvider is unable to provide an
> > X.509
> > token. There are no certificates in the certificate store that match the
> > find
> > value of 'CN=****'. ]
> >
> > Microsoft.Web.Services3.Design.X509TokenProvider.CreateToken(StoreLocation
> > location, StoreName storeName, String findValue, X509FindType findType)
> > +429
> >
> > Microsoft.Web.Services3.Design.ClientOutputFilter..ctor(UsernameForCertificateAssertion
> > assertion) +41
> >
> > Microsoft.Web.Services3.Design.UsernameForCertificateAssertion.CreateClientOutputFilter(FilterCreationContext
> > context) +51
> >
> > Microsoft.Web.Services3.Design.Policy.CreateClientPipeline(PipelineCreationContext
> > context) +196
> > Microsoft.Web.Services3.WebServicesClientProtocol.SetPolicy(Policy
> > policy) +77
> > WSEClient.RunProxy() +457
> > _Default.Page_Load(Object sender, EventArgs e) +50
> > System.Web.Util.CalliHelper.EventArgFunctionCaller(IntPtr fp, Object o,
> > Object t, EventArgs e) +25
> > System.Web.Util.CalliEventHandlerDelegateProxy.Callback(Object sender,
> > EventArgs e) +48
> > System.Web.UI.Control.OnLoad(EventArgs e) +133
> > System.Web.UI.Control.LoadRecursive() +66
> > System.Web.UI.Page.ProcessRequestMain(Boolean
> > includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +2604
> >
> >
> >
> >
 
Last edited by a moderator:
i have imported my certificate into "local machine" certificate location.

"Mark L. Ferguson" wrote:

> How Do I: Export and Import Certificates? :
> http://msdn2.microsoft.com/security/cc424865.aspx
>
> --
> Was this helpful? Then click the Ratings button. Voting helps the web
> interface.
> http://www.microsoft.com/wn3/locales/help/help_en-us.htm#RateAPostAsAnswer
> Mark L. Ferguson
> .
>
> "tdh" wrote in message
> news:D893C2F8-AD8D-4E5E-8977-F8B440AAC85A@microsoft.com...
> > In windows server 2003, it works fine but windows server 2008. certificate
> > has imported "personal" and "other people" in "local machine" certificate
> > location by mmc-->certificates. run Certificates Tool installed by WSE
> > 3.0, i
> > cannot find store name "personal" under "local machine" certificate
> > location,
> > so i cannot config access right for it. what can i do? thanks.
> >
> > server wse3policycache.config:
> >
> > <serviceToken>
> > <x509 storeLocation="LocalMachine" storeName="My"
> > findValue="CN=******" findType="FindBySubjectDistinguishedName" />
> > </serviceToken>
> >
> > client by certificate wse3policycache.config:
> >
> > <serviceToken>
> > <x509 storeLocation="LocalMachine" storeName="AddressBook"
> > findValue="CN=******" findType="FindBySubjectDistinguishedName" />
> > </serviceToken>
> > client by code:
> > // Set the X509 Certifcate onto the assertion.
> > assertion.X509TokenProvider = new
> > X509TokenProvider(StoreLocation.LocalMachine,
> >
> > StoreName.AddressBook,
> > "CN=******",
> >
> > X509FindType.FindBySubjectDistinguishedName)
> >
> >
> > following is throw errors:
> >
> >
> > WSE2013: X509TokenProvider is unable to provide an X.509 token. There are
> > no
> > certificates in the certificate store that match the find value of
> > 'CN=******'.
> > Description: An unhandled exception occurred during the execution of the
> > current web request. Please review the stack trace for more information
> > about
> > the error and where it originated in the code.
> >
> > Exception Details: System.ArgumentException: WSE2013: X509TokenProvider is
> > unable to provide an X.509 token. There are no certificates in the
> > certificate store that match the find value of 'CN=*****'.
> >
> > Source Error:
> >
> > An unhandled exception was generated during the execution of the current
> > web
> > request. Information regarding the origin and location of the exception
> > can
> > be identified using the exception stack trace below.
> >
> > Stack Trace:
> >
> >
> > [ArgumentException: WSE2013: X509TokenProvider is unable to provide an
> > X.509
> > token. There are no certificates in the certificate store that match the
> > find
> > value of 'CN=****'. ]
> >
> > Microsoft.Web.Services3.Design.X509TokenProvider.CreateToken(StoreLocation
> > location, StoreName storeName, String findValue, X509FindType findType)
> > +429
> >
> > Microsoft.Web.Services3.Design.ClientOutputFilter..ctor(UsernameForCertificateAssertion
> > assertion) +41
> >
> > Microsoft.Web.Services3.Design.UsernameForCertificateAssertion.CreateClientOutputFilter(FilterCreationContext
> > context) +51
> >
> > Microsoft.Web.Services3.Design.Policy.CreateClientPipeline(PipelineCreationContext
> > context) +196
> > Microsoft.Web.Services3.WebServicesClientProtocol.SetPolicy(Policy
> > policy) +77
> > WSEClient.RunProxy() +457
> > _Default.Page_Load(Object sender, EventArgs e) +50
> > System.Web.Util.CalliHelper.EventArgFunctionCaller(IntPtr fp, Object o,
> > Object t, EventArgs e) +25
> > System.Web.Util.CalliEventHandlerDelegateProxy.Callback(Object sender,
> > EventArgs e) +48
> > System.Web.UI.Control.OnLoad(EventArgs e) +133
> > System.Web.UI.Control.LoadRecursive() +66
> > System.Web.UI.Page.ProcessRequestMain(Boolean
> > includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +2604
> >
> >
> >
> >
 
Last edited by a moderator:
Several threads here are seeing MMC problems since SP1. Something has
changed since GPEdit took over the tasks. You should probably escalate your
question to SP1 support.

Windows Vista Service Pack 1 Support:
http://technet.microsoft.com/en-us/windowsvista/cc295800.aspx
--
Was this helpful? Then click the Ratings button. Voting helps the web
interface.
http://www.microsoft.com/wn3/locales/help/help_en-us.htm#RateAPostAsAnswer
Mark L. Ferguson
..

"tdh" wrote in message
news:9B84AABF-2EF3-4B36-AE8F-D52010702C95@microsoft.com...
> i have imported my certificate into "local machine" certificate location.
>
> "Mark L. Ferguson" wrote:
>
>> How Do I: Export and Import Certificates? :
>> http://msdn2.microsoft.com/security/cc424865.aspx
>>
>> --
>> Was this helpful? Then click the Ratings button. Voting helps the web
>> interface.
>> http://www.microsoft.com/wn3/locales/help/help_en-us.htm#RateAPostAsAnswer
>> Mark L. Ferguson
>> .
>>
>> "tdh" wrote in message
>> news:D893C2F8-AD8D-4E5E-8977-F8B440AAC85A@microsoft.com...
>> > In windows server 2003, it works fine but windows server 2008.
>> > certificate
>> > has imported "personal" and "other people" in "local machine"
>> > certificate
>> > location by mmc-->certificates. run Certificates Tool installed by WSE
>> > 3.0, i
>> > cannot find store name "personal" under "local machine" certificate
>> > location,
>> > so i cannot config access right for it. what can i do? thanks.
>> >
>> > server wse3policycache.config:
>> >
>> > <serviceToken>
>> > <x509 storeLocation="LocalMachine" storeName="My"
>> > findValue="CN=******" findType="FindBySubjectDistinguishedName" />
>> > </serviceToken>
>> >
>> > client by certificate wse3policycache.config:
>> >
>> > <serviceToken>
>> > <x509 storeLocation="LocalMachine" storeName="AddressBook"
>> > findValue="CN=******" findType="FindBySubjectDistinguishedName" />
>> > </serviceToken>
>> > client by code:
>> > // Set the X509 Certifcate onto the assertion.
>> > assertion.X509TokenProvider = new
>> > X509TokenProvider(StoreLocation.LocalMachine,
>> >
>> > StoreName.AddressBook,
>> > "CN=******",
>> >
>> > X509FindType.FindBySubjectDistinguishedName)
>> >
>> >
>> > following is throw errors:
>> >
>> >
>> > WSE2013: X509TokenProvider is unable to provide an X.509 token. There
>> > are
>> > no
>> > certificates in the certificate store that match the find value of
>> > 'CN=******'.
>> > Description: An unhandled exception occurred during the execution of
>> > the
>> > current web request. Please review the stack trace for more information
>> > about
>> > the error and where it originated in the code.
>> >
>> > Exception Details: System.ArgumentException: WSE2013: X509TokenProvider
>> > is
>> > unable to provide an X.509 token. There are no certificates in the
>> > certificate store that match the find value of 'CN=*****'.
>> >
>> > Source Error:
>> >
>> > An unhandled exception was generated during the execution of the
>> > current
>> > web
>> > request. Information regarding the origin and location of the exception
>> > can
>> > be identified using the exception stack trace below.
>> >
>> > Stack Trace:
>> >
>> >
>> > [ArgumentException: WSE2013: X509TokenProvider is unable to provide an
>> > X.509
>> > token. There are no certificates in the certificate store that match
>> > the
>> > find
>> > value of 'CN=****'. ]
>> >
>> > Microsoft.Web.Services3.Design.X509TokenProvider.CreateToken(StoreLocation
>> > location, StoreName storeName, String findValue, X509FindType findType)
>> > +429
>> >
>> > Microsoft.Web.Services3.Design.ClientOutputFilter..ctor(UsernameForCertificateAssertion
>> > assertion) +41
>> >
>> > Microsoft.Web.Services3.Design.UsernameForCertificateAssertion.CreateClientOutputFilter(FilterCreationContext
>> > context) +51
>> >
>> > Microsoft.Web.Services3.Design.Policy.CreateClientPipeline(PipelineCreationContext
>> > context) +196
>> > Microsoft.Web.Services3.WebServicesClientProtocol.SetPolicy(Policy
>> > policy) +77
>> > WSEClient.RunProxy() +457
>> > _Default.Page_Load(Object sender, EventArgs e) +50
>> > System.Web.Util.CalliHelper.EventArgFunctionCaller(IntPtr fp, Object
>> > o,
>> > Object t, EventArgs e) +25
>> > System.Web.Util.CalliEventHandlerDelegateProxy.Callback(Object
>> > sender,
>> > EventArgs e) +48
>> > System.Web.UI.Control.OnLoad(EventArgs e) +133
>> > System.Web.UI.Control.LoadRecursive() +66
>> > System.Web.UI.Page.ProcessRequestMain(Boolean
>> > includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
>> > +2604
>> >
>> >
>> >
>> >
 
Last edited by a moderator:
Back
Top